Search Results

Search found 3707 results on 149 pages for 'secure'.

Page 39/149 | < Previous Page | 35 36 37 38 39 40 41 42 43 44 45 46  | Next Page >

  • Javascript Cookie Function not working for Domain

    - by danit
    Here are the functions Im using: Set Cookie: function set_cookie ( name, value, exp_y, exp_m, exp_d, path, domain, secure ) { var cookie_string = name + "=" + escape ( value ); if ( exp_y ) { var expires = new Date ( exp_y, exp_m, exp_d ); cookie_string += "; expires=" + expires.toGMTString(); } if ( path ) cookie_string += "; path=" + escape ( path ); if ( domain ) cookie_string += "; domain=" + escape ( domain ); if ( secure ) cookie_string += "; secure"; document.cookie = cookie_string; } Read Cookie: function get_cookie ( cookie_name ) { var results = document.cookie.match ( '(^|;) ?' + cookie_name + '=([^;]*)(;|$)' ); if ( results ) return ( unescape ( results[2] ) ); else return null; } Delete Cookie: function delete_cookie ( cookie_name ) { var cookie_date = new Date ( ); // current date & time cookie_date.setTime ( cookie_date.getTime() - 1 ); document.cookie = cookie_name += "=; expires=" + cookie_date.toGMTString(); } The Jquery I use to construct the cookie: if(get_cookie('visible')== 'no') { $("#wrapper").hide(); $(".help").hide(); $("#slid .show").show(); $("#slid .hide").hide(); } else { $("#slid .show").hide(); $("#slid .hide").show(); } $("#slider").click(function() { if(get_cookie('visible')== null) { set_cookie('visible','no', 2020, 01,01, '/', 'domain.com'); } else { delete_cookie('visible'); } $(".help").slideToggle(); $("#wrapper").animate({ opacity: 1.0 },200).slideToggle(200, function() { $("#slid img").toggle(); }); }); Im trying to set the cookie for all pages that exist under domain.com with the path '/'. However using these functions and jQuery it doesn't appear to be working, any anyone give me an idea of where im going wrong?

    Read the article

  • Can tomcat perform ssl redirection by filtering host alias?

    - by Stephen
    Hi, We have a tomcat server (6.0.20) running one web application behind two urls, e.g. www.foo and secure.foo This is configured in the server.xml as one host with a single alias: <Host name="www.foo" appBase="webapps"> <Context docBase="foo" path=""></Context> <Alias>secure.foo</Alias> </Host> Ideally we'd like any requests to secure.foo on port 80 to be automatically redirected to use ssl. However, I can only find instructions for redirecting based on the path after the hostname, so I could add a /* security constraint but then this would apply to both urls. Does anyone know if it's possible to apply the redirection by filtering on hostname requested? (We've already got the ssl connector, certificate, etc. working ok). I know we could do it by sticking an apache server in front of tomcat and handling the redirection there, but I'm curious to know if tomcat can do this on its own. Thanks

    Read the article

  • Is it possible to spoof or reuse VIEWSTATE or detect if it is protected from modification?

    - by Peter Jaric
    Question ASP and ASP.NET web applications use a value called VIEWSTATE in forms. From what I understand, this is used to persist some kind of state on the client between requests to the web server. I have never worked with ASP or ASP.NET and need some help with two questions (and some sub-questions): 1) Is it possible to programmatically spoof/construct a VIEWSTATE for a form? Clarification: can a program look at a form and from that construct the contents of the base64-encoded VIEWSTATE value? 1 a) Or can it always just be left out? 1 b) Can an old VIEWSTATE for a particular form be reused in a later invocation of the same form, or would it just be luck if that worked? 2) I gather from http://msdn.microsoft.com/en-us/library/ms972976.aspx#viewstate_topic12 that it is possible to turn on security so that the VIEWSTATE becomes secure from spoofing. Is it possible for a program to detect that a VIEWSTATE is safeguarded in such a way? 2 a) Is there a one-to-one mapping between the occurrence of EVENTVALIDATION values and secure VIEWSTATEs? Regarding 1) and 2), if yes, can I have a hint about how I would do that? For 2) I am thinking I could base64-decode the value and search for a string that always is found in unencrypted VIEWSTATEs. "First:"? Something else? Background I have made a small tool for detecting and exploiting so called CSRF vulnerabilities. I use it to quickly make proof of concepts of such vulnerabilities that I send to the affected site owners. Quite often I encounter these forms with a VIEWSTATE, and these I don't know if they are secure or not. Edit 1: Clarified question 1 somewhat. Edit 2: Added text in italics.

    Read the article

  • When is it safe to use a broken hash function?

    - by The Rook
    It is trivial to use a secure hash function like SHA256 and continuing to use md5 is reckless behavior. However, there are some complexities to hash function vulnerabilities that I would like to better understand. Collisions have been generated for md4 and md5. According to NIST md5() is not a secure hash function. It only takes 2^39th operations to generate a collision and should never be used for passwords. However SHA1 is vulnerable to a similar collision attack in which a collision can be found in 2^69 operations, where as brute force is 2^80th. No one has generated a sha1 collision and NIST still lists sha1 as a secure message digest function. So when is it safe to use a broken hash function? Even though a function is broken it can still be "big enough". According to Schneier a hash function vulnerable to a collsion attack can still be used as an HMAC. I believe this is because the security of an HMAC is Dependant on its secret key and a collision cannot be found until this key is obtained. Once you have the key used in a HMAC its already broken, so its a moot point. What hash function vulnerabilities would undermine the security of an HMAC? Lets take this property a bit further. Does it then become safe to use a very weak message digest like md4 for passwords if a salt is perpended to the password? Keep in mind the md4 and md5 attacks are prefixing attacks, and if a salt is perpended then an attacker cannot control the prefix of the message. If the salt is truly a secret, and isn't known to the attacker, then does it matter if its a appended to the end of the password? Is it safe to assume that an attacker cannot generate a collision until the entire message has been obtained? Do you know of other cases where a broken hash function can be used in a security context without introducing a vulnerability? (Please post supporting evidence because it is awesome!)

    Read the article

  • Best Method to SFTP or FTPS Files via SSIS

    - by Registered User
    What is the best method using SSIS (SQL Server Integration Services) to upload a file to either a remote SFTP (secure FTP with SSH2 protocal) or FTPS (FTP over SSL) site? I've used the following methods, but each has short-comings I would like to avoid: COZYROC LIBRARY Method: Install the CozyRoc library on each development and production server and use the SFTP task to upload the files. Pros: Easy to use. It looks, smells, and feels like a normal SSIS task. SSIS also recognizes the password as sensitive information and allows you all the normal options for protecting the sensitive information instead of just storing it in clear text in a non-secure manner. Works well with other SSIS tasks such as ForEach Loop Containers. Errors out when uploads and downloads fail. Works well when you don't know the names of the files on the remote FTP site to download or when you won't know the name of the file to upload until run-time. Cons: Costs money to license in a production environment. Makes you dependent upon the vendor to update their libraries between each version. Although they already have a 2008 version, this caused me a problem during the CTP's of 2008. Requires installing the libraries on each development and production machine. COMMAND LINE SFTP PROGRAM Method: Install a free command-line SFTP application such as Putty and execute it either by running a batch file or operating system process task. Pros: Free, free, and free. You can be sure it is secure if you are using Putty since numerous GUI FTP clients appear to use Putty under the covers. You DEFINATELY know you are using SSH2 and not SSH. Cons: The two command-line utilities I tried (Putty and Cygwin) required storing the SFTP password in a non-secure location. I haven't found a good way to capture failures or errors when uploading files. The process doesn't look and smell like SSIS. Most of the code is encapsulated in text files instead of SSIS itself. Difficult to use if you don't know the exact name of the file you are uploading or downloading. A 3RD PARTY C# or VB.NET LIBRARY Method: Install a SFTP or FTPS library and use a Script Task that references the library to upload the files. (I've never tried this, so I'm going to guess at the pros and cons) Pros: Probably easy to capture errors. Should work well with variables, so it would probably be easy to use even when you don't know the exact name of the file you are uploading or downloading. Cons: It's a script task combined with .NET libraries. If you are using SSIS, then you probably are more comfortable with SSIS tasks then .NET code. Script tasks are also difficult to troubleshoot since they don't have the same debugging tools and features as regular .NET projects. Creates a dependency on 3rd party code that may not work between different versions of SQL Server. To be fair, it is probably MORE likely to work between different versions of SQL Server than a 3rd party SSIS task library. Another huge con -- I haven't found a free C# or VB.NET library that does this as of yet. So if anyone knows of one, then please let me know!

    Read the article

  • Running jira at jira.[my domain].com

    - by Ivan Zamylin
    I have jira installed on my server. It was running at http://[my ip address]:8100. I could manage to change it to http://jira.[my domain].com. Now after I access it at http://jira.[my domain].com, a browser path changes to http://jira.[my domain].com:8100/secure/Dashboard.jspa. Why does the port show up? Is there any way to remove 8100 port from this redirect. I'd like it to be http://jira.[my domain].com/secure/Dashboard.jspa Also my jira now responds both to jira.[my domain].com and [my ip address]:8100. The latter one is corrupted. Is it possible to stop user accessing it? Thank you!

    Read the article

  • Mod_rewrite display subdomain.domain.com and call domain.com/subdomain/ for SSL

    - by Jeff H.
    I have a website secured by a standard SSL certificate, securing a few different shops under different subdirectories. Ex. domain.com/shop1/ The shops are also accessible via a subdomain e.g. shop1.domain.com. What I'm trying to accomplish: display shop1.domain.com to the user, while keeping all of the actual server calls as domain.com/shop1, so that the secure pages will continue to work properly. (Not sure if I'm using the proper language, exactly, I hope my point is clear.) To be clear: my SSL is working fine, and I don't need help with that, and I don't need or want to purchase a UCC cert. It can't be that difficult for anyone with experience with Apache. (I've spent 3 hours trying to learn about mod_rewrite. It's just not clicking.) I'm on a GoDaddy secure shared server, so please keep in mind that I'm not able to reset the server or anything.

    Read the article

  • Server Security

    - by mahatmanich
    I want to run my own root server (directly accessible from the web without a hardware firewall) with debian lenny, apache2, php5, mysql, postfix MTA, sftp (based on ssh) and maybe dns server. What measures/software would you recomend, and why, to secure this server down and minimalize the attack vector? Webapplications aside ... This is what I have so far: iptables (for gen. packet filtering) fail2ban (brute force attack defense) ssh (chang default, port disable root access) modsecurity - is really clumsy and a pain (any alternative here?) ?Sudo why should I use it? what is the advantage to normal user handling thinking about greensql for mysql www.greensql.net is tripwire worth looking at? snort? What am I missing? What is hot and what is not? Best practices? I like "KISS" - Keep it simple secure, I know it would be nice! Thanks in advance ...

    Read the article

  • How to securely generate memorable passwords?

    - by Tim
    Whenever I need new passwords I use some tools to generate those, preferable memorable passwords, but I've been wondering how secure this might actually be. Using The xkcd random number generator is probably pretty bad, cat /dev/random is probably pretty good, but generating memorable passwords seems a bit more tricky. Whenever a program generates a memorable password, it only uses a subset of the total password space available, and it is not clear to me how big this space is. Of course a long password should help in this case, but if the `memorable' part of the program is too predictable, your passwords are not very good in the end. TL;DR: how secure are memorable password generators, given the fact that `memorable' passwords are a subset of total password space? Some tools I know of: pwgen -- seems ok, but passwords are not too memorable Mac Password Assistant - generates memorable passwords but it is unclear to me how this works.

    Read the article

  • Configure Postfix to Port other than 25

    - by bwheeler96
    I've done quite a bit of googling on how to reconfigure postfix to work on a different port, but I still can't fond the line(s) people keep talking about in my master.cf. I'm using OS X Mountain Lion, and my ISP blocks traffic both ways on port 25. people have said to look for a line that says smtp inet n - n - - smtpd I can't find it. This is (what I believe to be) unmodified # ==== Begin auto-generated section ======================================== # This section of the master.cf file is auto-generated by the Server Admin # Mail backend plugin whenever mails settings are modified. smtp inet n - n - 1 postscreen smtpd pass - - n - - smtpd dnsblog unix - - n - 0 dnsblog tlsproxy unix - - n - 0 tlsproxy submission inet n - n - - smtpd -o smtpd_tls_security_level=encrypt smtp unix - - n - - smtp # === End auto-generated section =========================================== # Modern SMTP clients communicate securely over port 25 using the STARTTLS command. # Some older clients, such as Outlook 2000 and its predecessors, do not properly # support this command and instead assume a preconfigured secure connection # on port 465. This was sometimes called "smtps", but such usage was never # approved by the IANA and therefore conflicts with another, legitimate assignment. # For more details about managing secure SMTP connections with postfix, please see: # http://www.postfix.org/TLS_README.html # To read more about configuring secure connections with Outlook 2000, please read: # http://support.microsoft.com/default.aspx?scid=kb;en-us;Q307772 # Apple does not support the use of port 465 for this purpose. # After determining that connecting clients do require this behavior, you may choose # to manually enable support for these older clients by uncommenting the following # four lines. #465 inet n - n - - smtpd # -o smtpd_tls_wrappermode=yes # -o smtpd_sasl_auth_enable=yes # -o smtpd_client_restrictions=permit_sasl_authenticated,reject # -o milter_macro_daemon_name=ORIGINATING #628 inet n - n - - smtp pickup fifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr #qmgr fifo n - n 300 1 oqmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify sacl-cache unix - - n - 1 sacl-cache flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap # When relaying mail as backup MX, disable fallback_relay to avoid MX loops relay unix - - n - - smtp -o smtp_fallback_relay= # -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - n - - showq error unix - - n - - error retry unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache # # ==================================================================== # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants.

    Read the article

  • Uploading files to https mediawiki

    - by zac
    I am unable to upload files (images) to my mediawiki install. I think it may have something to do with it is being hosted as http secure(HTTPS). I followed carefully the instructions here. I updated write permissions to the /images/ dir drwxrwxrwx 2 apache apache 4096 Apr 13 19:04 images php.ini file_uploads = On In LocalSettings.php $wgEnableUploads = true; $wgFileExtensions = array('png','jpg','jpeg','gif'); When I try to upload it quickly refreshes the page without any errors or any indication anything went wrong, other than how fast it refreshed. When I navigate to the history of uploads it is empty. How can I troubleshoot this. Is it related to the secure http?

    Read the article

  • ubuntu mail server settings and /etc/hosts file

    - by mbrc
    This is my /etc/hosts file 127.0.0.1 localhost.localdomain localhost 127.0.1.1 ubuntu-server.xx.com ubuntu-server 193.77.xx.xx mail.xx.com mail # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters is this correct configuration for my mail server. I am behind router so i don't know if is ok to use my IP for mail.xx.com and 127.0.0.1 for localhost problem is that i can receive mail but when i send it i get Oct 17 21:29:32 ubuntu-server postfix/smtpd[2453]: warning: SASL authentication failure: Password verification failed Oct 17 21:29:32 ubuntu-server postfix/smtpd[2453]: warning: my.router[192.168.1.1]: SASL PLAIN authentication failed: authentication failure Oct 17 21:29:34 ubuntu-server postfix/smtpd[2453]: warning: my.router[192.168.1.1]: SASL LOGIN authentication failed: authentication failure EDIT: mabye is problem some port. i foward this ports. POP3 - port 110 IMAP - port 143 SMTP - port 25 HTTP - port 80 Secure SMTP (SSMTP) - port 465 Secure IMAP (IMAP4-SSL) - port 585 StartTLS - port 587 IMAP4 over SSL (IMAPS) - port 993 Secure POP3 (SSL-POP) - port 995 postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no broken_sasl_auth_clients = yes config_directory = /etc/postfix content_filter = amavis:[127.0.0.1]:10024 delay_warning_time = 4h disable_vrfy_command = yes inet_interfaces = all inet_protocols = all mailbox_size_limit = 0 maximal_backoff_time = 8000s maximal_queue_lifetime = 7d message_size_limit = 0 minimal_backoff_time = 1000s mydestination = myhostname = mail.xx.com mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mynetworks_style = host myorigin = /etc/mailname readme_directory = no receive_override_options = no_address_mappings recipient_delimiter = + relayhost = smtp_helo_timeout = 60s smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_use_tls = yes smtpd_banner = $myhostname ESMTP $mail_name smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_client blackholes.easynet.nl, reject_rbl_client dnsbl.njabl.org smtpd_data_restrictions = reject_unauth_pipelining smtpd_delay_reject = yes smtpd_hard_error_limit = 12 smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_hostname, reject_invalid_hostname, permit smtpd_recipient_limit = 16 smtpd_recipient_restrictions = reject_unauth_pipelining, permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, permit smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, warn_if_reject reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_pipelining, permit smtpd_soft_error_limit = 3 smtpd_tls_cert_file = /etc/ssl/private/mail.xx.com.crt smtpd_tls_key_file = /etc/ssl/private/mail.xx.com.key smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes unknown_local_recipient_reject_code = 450 virtual_alias_maps = mysql:/etc/postfix/maps/alias.cf virtual_gid_maps = static:5000 virtual_mailbox_base = /var/spool/mail/virtual virtual_mailbox_domains = mysql:/etc/postfix/maps/domain.cf virtual_mailbox_limit = 0 virtual_mailbox_maps = mysql:/etc/postfix/maps/user.cf virtual_uid_maps = static:5000 saslfinger -c version: 1.0.4ostfix Cyrus sasl configuration Ä mode: client-side SMTP AUTH -- basics -- Postfix: 2.9.3 System: Ubuntu 12.04.1 LTS \n \l -- smtp is linked to -- libsasl2.so.2 => /usr/lib/i386-linux-gnu/libsasl2.so.2 (0x00d3a000) -- active SMTP AUTH and TLS parameters for smtp -- relayhost = smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_use_tls = yes -- listing of /usr/lib/sasl2 -- total 28 drwxr-xr-x 2 root root 4096 okt 14 15:18 . drwxr-xr-x 72 root root 12288 okt 14 15:03 .. -rw-r--r-- 1 root root 1 maj 4 06:17 berkeley_db.txt -rw-r----- 1 root root 701 okt 14 15:18 saslpasswd.conf -rw-r----- 1 smmta smmsp 885 okt 14 15:18 Sendmail.conf -- listing of /etc/postfix/sasl -- total 12 drwxr-xr-x 2 root root 4096 okt 11 18:55 . drwxr-xr-x 4 root root 4096 okt 12 06:59 .. -rwx------ 1 root root 241 okt 11 18:55 smtpd.conf Cannot find the smtp_sasl_password_maps parameter in main.cf. Client-side SMTP AUTH cannot work without this parameter!

    Read the article

  • What SDK I should choose on Amazon Web Service to build API on server app?

    - by Nguyen Minh Binh
    I am a newbie on Amazon Web Service. I have a task that setup then build a web service that provide APIs to Mac OS, iOS, Android client. There are some APIs and Database need to be kept in secure. I see that AWS support multiple platform such as Java, .Net, PHP,... It also support many Database Management System. Not yet, there are 2 special SDK for Android and iOS app. So, What should I choose (Java, .Net, PHP,...) to carry out my task? Does AWS support all webservice protocol? Does it support secure webservice? Thanks a lot.

    Read the article

  • Confusion over terminology SSH, Shell, Terminal, Command Prompt and Telnet

    - by byronyasgur
    I don't usually use SSH if I can get away with it, but if I have to I do of course, and I've seemingly done this for years while still managing to remain slightly confused about these different terms ... from my basic research, this is my understanding, could someone verify/correct this? Telnet ... before SSH, not secure SSH ... ( secure shell ) the general name of the system/protocol Shell ... short name for SSH Command Line/Command Prompt ... the windows version Terminal ... the Unix version, also used by apple. Two further questions: What is the Linux version commonly called, is it just called SSH ? What is bash ?

    Read the article

  • UFW blocks SSL connections Varnish/Apache2 on Ubuntu 12.04

    - by user1383815
    I have installed Virtualmin on a Ubuntu 12.04 server and I'm using LAMP stack with Varnish (:80) in front of Apache (:8000). However, I cannot access https when UFW is enabled. When I disable UFW, all works fine. Here is what UFW logging shows when I attempt to access a website via https: Dec 14 05:42:29 localhost kernel: [64491.327263] [UFW BLOCK] IN=eth0 OUT= MAC=e4:11:5b:e5:ef:8c:00:d0:02:8f:f0:00:08:00 SRC=MY_IP_ADDRESS DST=SERVER_IP_ADDRESS LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=2524 DF PROTO=TCP SPT=56430 DPT=20000 WINDOW=8192 RES=0x00 SYN URGP=0 Here is my UFW ruleset: $ ufw status Status: active To Action From -- ------ ---- 2221 ALLOW Anywhere 10000 ALLOW Anywhere 80 ALLOW Anywhere 21 ALLOW Anywhere 8000 ALLOW Anywhere Apache Secure ALLOW Anywhere 2221 ALLOW Anywhere (v6) 10000 ALLOW Anywhere (v6) 80 ALLOW Anywhere (v6) 21 ALLOW Anywhere (v6) 8000 ALLOW Anywhere (v6) Apache Secure (v6) ALLOW Anywhere (v6) Does anyone have any pointers how to fix this problem? Thank you for your time.

    Read the article

  • Can I easily use a VPN to duplicate SSH Tunneling functionality?

    - by Steve V.
    Right now, when I want to use an unsecured wireless connection with my (Linux) laptop, I secure my connection using a variation of the method provided here. However, to the best of my knowledge, the (non-jailbroken) iPad does not allow applications to tunnel traffic through local ports. However, it does seem to allow certain VPN traffic. I have never set up, or even used, a VPN before. I'm looking for confirmation that I'm not barking up the wrong tree before I invest significant effort into setting up my own VPN server. If I want to secure my wireless iPad traffic over an unsecure wireless connection, would I be on the right track by looking at a VPN?

    Read the article

  • Maybe I'm infected?

    - by aiacet
    In the last two weeks, when I was using MPC-HC (Media Player Classic Home Cinema) to watch some "justyfied" episodes, my F-Secure Client Security antivirus software alerted me that there was a threat in file A0027132.exe (the number increased each of the three times that the antivirus found a new threat). All these three threats are now quarantined and the files are: 1) C:/System Volume Information/_restore/{72AACB12-6526-40F2-81D7-69DF5809DD8A}\A0027132.exe 2) D:/System Volume Information/_restore/{72AACB12-6526-40F2-81D7-69DF5809DD8A}\A0027133.exe 3) D:/System Volume Information/_restore/{72AACB12-6526-40F2-81D7-69DF5809DD8A}\A0027134.exe The three threats are recognized like: 1. Backdoor.Generic.360086 2. Trojan.Packed.8707 3. Trojan.Packed.8807 F-secure and the OS are both updated at the last release/virus definition.

    Read the article

  • Security question pertaining web application deployment

    - by orokusaki
    I am about to deploy a web application (in a couple months) with the following set-up (perhaps anyways): Ubuntu Lucid Lynx with: IP Tables firewall (white-list style with only 3 ports open) Custom SSH port (like 31847 or something) No "root" SSH access Long, random username (not just "admin" or something) with a long password (65 chars) PostgreSQL which only listens to localhost 256 bit SSL Cert Reverse proxy from NGINX to my application server (UWSGI) Assume that my colo is secure (Physical access isn't my concern for the time being) Application-level security (SQL injection, XSS, Directory Traversal, CSRF, etc) Perhaps IP masquerading (but I don't really understand this yet) Does this sound like a secure setup? I hear about people's web apps getting hacked all the time, and part of me thinks, "maybe they're just neglecting something", but the other part of me thinks, "maybe there's nothing you can do to protect your server, and those things are just measures to make it a little harder for script kiddies to get in". If I told you all of this, gave you my IP address, and told you what ports were available, would it be possible for you to get in (assuming you have a penetration testing tool), or is this really protected well.

    Read the article

  • Suggestion for auditd set-up

    - by JVerstry
    Hi, I am trying to learn about securing a Linux box (I am using Ubuntu). Auditd is recommended for monitoring activities on the node. I have managed to install it, but I can't find much information about proper set-up to secure my node. How should I set-up auditd to make my node more secure? What should I monitor? Why? I am looking for set-up examples and recommendation from experienced administrators. Thanks!

    Read the article

  • May I'm infected?

    - by aiacet
    Hello again to everyone and many thanks to all the expert that will read this post and proupose a solution to my problem. In the last tw week, when i saw with MPC-HC (media player classic home cinema) some "justyfied" episodes, my F-Secure Client Security antivirus software alert-me that there is a threat in A0027132.exe file (the number still chanhe and increase each time, 3, that the antivir found a new threat). All this three threat are now quaratined and the file are: 1) C:/System Volume Information/_restore/{72AACB12-6526-40F2-81D7-69DF5809DD8A}\A0027132.exe 2) D:/System Volume Information/_restore/{72AACB12-6526-40F2-81D7-69DF5809DD8A}\A0027133.exe 3) D:/System Volume Information/_restore/{72AACB12-6526-40F2-81D7-69DF5809DD8A}\A0027134.exe the three threat are recognized like: 1) Backdoor.Generic.360086 2) Trojan.Packed.8707 2) Trojan.Packed.8807 The F-secure and the OS are both udpated at the last release/virus definition. Waiting for an answer, thanks in advance

    Read the article

  • How to configure SSL on an instance of SQL Server to allow dedicated users to remotely access it?

    - by The Good Boy
    I have configured the instance of SQL Server to allow dedicated users to access it remotely. Connection string Data Source = 192.168.1.2,1433\sqlexpress;etc... has been tested and works. However, I have not configured the SSL to secure the communication. How to configure SSL on an instance of SQL Server to allow dedicated users to remotely access it? edit 1 The dedicated user will administer its database using Sql Server Management Studio. What I want to do is to secure the communication when he/she administers the database using Sql Server Management Studio.

    Read the article

  • How to force WinXP to ask for password before software installation/uninstall?

    - by crosenblum
    I really like some of the linux security measures it uses. So what i'd like to do is have WinXP Pro SP3 ask for my user password everytime i try to install/remove software. I know I can't make windows be as secure as linux, but i'd love to adopt some of the great ideas and measures used, as possible, to make windows more secure. Any suggestions? P.S. Are there other people out there, who try to make their windows feel more linux like? Just curious.

    Read the article

  • How can i enter in Network Security Field

    - by Master
    I am thinking of Entering in Network Security Field. It can be securing windows network , linux network But exactly don't ave the full picture how does that area is divided I only have the vague idea. i want some position where company call me to check their system to see if its secure. Or govt can hire to secure network from external access. Any thing like that Can anyone give me some idea how can i start. Is there any scope in that area. How its growing in future. Are there any certification which ican do to start with thanks

    Read the article

< Previous Page | 35 36 37 38 39 40 41 42 43 44 45 46  | Next Page >